Security Alert: New Bagle.X Worm Variant Detected

By eweek  |  Posted 2004-04-08 Print this article Print

Bagle.X appears to be progressing slowly, but its seeding rate is consistent with previous Bagle versions that have witnessed great success.

There is an apparent seeding of a new Bagle worm variant, Bagle.X, currently in progress. While this seeding appears to be progressing at a slow rate, previous versions of the Bagle worms have been seeded in a similar manner and have witnessed great success. Bagle.X is 7824 bytes, is packed with FSG and has an MD5 value of 0252d4a699c7de3a0d7cae1d50ef365c. Bagle.X drops a file named window.exe in the Windows System32 directory. Bagle.X also opens a backdoor on a random TCP port.
For more information on Bagle.X, along with details on how to identify and remove it, see the iDefense Bagle.X security alert.

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel